OAuth Dance : Simple way to get OAuth token   ( TIPS & TRICKS )

Hey guys,

I am writing this thread to explain how to get OAuth token in a simple way !! ( Hope It helps )

How to make this Dance easy ???

Link --->>>  OAuth 2.0 — OAuth 

a brief knowledge on Oauth would help make this process fun learning !!

How to get jive Auth token ??

Two ways to get Tokens from Jive

          1 .  Use  credentials to get a token ( Not a good idea to use this token ,if your trying to register Webhooks) 

          2.   Use auth Grant way to get the Token ( Token valid for most of the use cases )

                                                                     snapshot how the Work flow looks like

Step 1 Using Credentials 

•     curl -u '<client-id>:<client-secret>' -d'grant_type=password&username=userone&password=psswd1' https://<URL-of-Jive-Service>/oauth2/token

             replace the values in < > with appropriate data and fire the call to jive

•   Response for the above is the 

           {"token_type":"bearer","expires_in":"172799","refresh_token":"############################.r","access_token":"##################################.t"}

   simple way in getting a token but can not be used for all kind of api calls .

Step 2 Using Auth Grant method

• <jive-url>/oauth2/authorize?client_id=<client_id>&response_type=code

        fire a call to jive it redirects to this screen user clicks on grant access 

• Next screen or the next step is that jive sends the AUTHGRANT code to redirect url

looks like this !! and AUTHGRANT TOKEN ENDS WITH    .c      https://client.application.com/oauth2/redirect?code=<authz_code>

• AuthGrant code is valid for few minutes!!! make sure you make a call for token soon !!!  how ??

Use postman

Note : to do this you have to configure Call back url to  POSTMAN

else keep your CURL command ready so that you can use it soon you get the AUTH GRANT code

curl -u '<CLIENT ID>:<CLIENT SCERET>' -d 'code=<AUTH GRANT CODE>&grant_type=authorization_code&client_id=<CLIENT ID>' <jive-url>/oauth2/token

• At this point you should have the TOKEN in the Following format

"scope":"uri:/api","token_type":"bearer","expires_in":"172799","refresh_token":"<Refresh TOKEN>","access_token":"<TOKEN>"}

******************************************************************************************************************************************************************************************************************************************************************************

Few Tips and tricks

Tip one if your using token to register a Webhook always use Auth Grant method

Tip two save your Refresh token and make single call to get TOKEN ( IF YOU HATE DANCING )

TIP three Set up post man for obtaining TOKEN ( POSTMAN will take care of Dancing , watch him get token )

  TOKEN ending with       >>>      .i  CLIENT ID  ||  

                                                    .S  CLIENT SECRET  ||  

                                                    .C    AUTH GRANT CODE    ( MOST OFTEN MISTAKEN FOR TOKEN ) ||

                                                    .T  TOKEN ( USED FOR API CALLS)       

                                                    .R  REFRESH TOKEN ( USED TO GET THE TOKEN WHEN EXPIRED )

Tip four all ways clear the cache when you are playing with this (  killed hours finding what was going wrong  ) 

POST YOUR TIPS AND TRICKS ( SHARING IS CARING   )

CHEERS !!

Rashed Talukder